OpenPGP Browser Support

Daniel Kahn Gillmor at
Thu Jul 24 19:10:15 CEST 2008

On Thu 2008-07-24 01:07:44 -0400, Duane wrote:

> I was pleasantly surprised to learn that OpenPGP has been accepted
> as a RFC, however I'm unable to find a browser or plugin for a
> browser that supports this, is anyone able to enlighten me?

I've yet to find one either, unfortunately.  There are two major
fields of work to see this happen successfully:

 * adapt one of the browsers that uses gnutls (epiphany?  galeon?) to
   be able to handle this TLS extension: this includes deciding how to
   store a keyring of trusted identity certifiers.

 * do the UI work necessary in that browser to let users choose how to
   manage their set of trusted identity certifiers.

Some implementation decisions would need to be made:

 * do you want to use/interact with the user's standard GPG keyring
   for any of this?

 * do you want to use the full web-of-trust model, or is a list of
   trusted authorities (similar to the current X.509 model)

 * how do you plan to match the OpenPGP User IDs to hosts?  Is just
   the name sufficient?  What about alternate ports?  (e.g. is
   "" the User ID you'll look for?  or should it be
   ""?  Or for alternate ports (e.g. not 443
   for https), should it be "" ? I don't believe
   the RFC actually specifies what must go here (though i'd be happy
   to be shown otherwise).

I'd really love to see this project get underway, but i haven't seen
anyone doing it yet.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 826 bytes
Desc: not available
URL: </pipermail/attachments/20080724/63e758be/attachment.pgp>

More information about the Gnutls-devel mailing list